Saturday, August 22, 2009

HOWTO: Asterisk and FreePBX using PBX in a Flash

Table of Contents

0) Requirements
1) Download the ISO file
2) Preparing the PC
3) Installation
3.1) Phase 1: From CD
3.2) Phase 2: From the Internet
4) Networking
5) Install latest patches and scripts
6) Passwords and System Administration
7) Prevent Being Blocked
8) Configuring Your PCI Card(s)
8.1) Configure PCI cards (Asterisk 1.4 + Zapata)
8.2) Configure PCI cards (Asterisk 1.6 + Dahdi)
9) Caller ID and Busy Detect Configuration
10) Updating Asterisk and FreePBX Modules
11) Tips and Tricks
12) Resources and References


This is a guide (HOWTO) on how to install PBX in a Flash (PiaF) and do the initial hardware and software configurations required so that you could start doing your dialplans through the web-interface later on.

This HOWTO will not include steps on configuring extensions, trunks and the like. That will be in another post.

PiaF is a Linux distribution which makes installing and configuring Asterisk and FreePBX an easy task. It's similar to trixbox, only it has no history of security risks and trojans!

It's to be noted that PiaF downloads and compiles from source code. If you have no idea what that means, you'll find out later.

This is a dirty version of the guide. I couldn't get the styling to work properly.
Better versions: HTML Page or Google Document (PDF)

0) Requirements

  • PC: 800 MHz, 256MB RAM, 10GB disk space, CD-Drive, 1x free PCI slot, 1x network port.
  • Digium's TDM PCI card if you wish to make/receive calls from a landline.
  • Internet connection (needed during installation!!!).
  • DHCP Server (Preferred): If you have an Access Point that connects you to the Internet, it has the option already.
  • 1x Blank CD.
  • 1x Network cable.
  • 1x Switch.
  • Patience.

1) Download the ISO file

Get the ISO from:
If you have 4GB of RAM or more, grab the 64-bit ISO, otherwise stick to the 32-bit one. If you wish to venture into the 64-bit world, your processor has to be 64-bit capable.

Burn the ISO image using your favorite CD writing software. Make sure you choose the option to write an image, not put the ISO file in the CD as data!!!

2) Preparing the PC

Boot up your PC and enter the BIOS.
  • Make sure the time is correct! If you don't know the time in Kuwait, call 113. If the time is not correct in your computer, the installation will fail!
  • Somewhere in the menus there should be an option defining boot-sequence: Make sure that the CD-Drive is before the hard disk.

3) Installation

As mentioned before, you will need an Internet connection to proceed with the installation after installing the base packages from the CD. Also, you need a running DHCP server, so that your PBX box can obtain an IP during the installation process. If you have a router at home, chances are it has DHCP running already. It doesn't hurt to double check.

3.1) Phase 1: From CD

Boot the CD and follow the instructions:
  • To install Asterisk 1.4, press Enter. To install Asterisk 1.4 without Logical Volume Management, type ksalt. I chose ksalt.
  • Keyboard type: us
  • Time Zone Selection:
    • System clock uses UTC: No (Deselect)
    • Asia/Kuwait
  • Password: This is your system's password. Make sure it's alpha-numeric and at least 10 digits. The system's administrator username is: root. (Typical on *nix Operating Systems)

The installation process now continues for a while to install required packages from the CD. This would take about 10 minutes.

When the installation is over and the PC reboots, remove the CD. The hard disk will boot.

3.2) Phase 2: From the Internet

[if you know how to run a web-server on a normal PC, jump to the tricks section]

When the PC boots from the hard disk, a screen will come up asking you what to do. You should press A, to install the latest stable release of Asterisk 1.4.
  • Press A; download commences (30MB):
    (Asterisk 1.6:
    MD5 checksum: ecaa6b1bc5c9bf6bca3b086d22e7e4a5 pbx_load.tar.gz
    MD5 checksum: 46d7d6bb60fd2973fe37bd50b10ae7e1 pbx_load16.tar.gz
  • Installation of the package proceeds automatically. Just sit back and read the messages on the screen. Or not.
    DO NOT PRESS THE ENTER BUTTON! If the screen turns off when it idles, press an arrow key (right, left, up, down)

    Do not remove the network cable. The installation may require some extra packages during the installation.

    [i] It takes a long time because the file that was downloaded is the source code, and after downloading it, the installer script unpacks it then starts compiling the source to produce the binaries. Binaries are executable programs. The compilation process usually takes about 20 minutes on a Dual core CPU @ 3GHz.
  • The PC will reboot after the compilation is done.
  • After the PC has booted, you get to a login prompt, login with user: root, and the password you chose during installation.

4) Networking

You could leave your machine on DHCP, but you have to configure your DHCP server or Access Point to always assign the same IP to this machine.

I recommend that you could configure a static IP address in the machine itself by following these steps:
  • Type: netconfig
  • Would you like to set up networking? Yes
  • Deselect “Use dynamic IP” and fill in your network information.
  • Default gateway and primary name server are usually your Access Point's IP address.
  • Click OK and exit the menu.
  • Type: service network restart.
  • echo "nameserver" > /etc/resolv.conf (replace the Xs with your IP)

In my case, even when setting the name server in the netconfig menu, it didn't get written until I do it manually or run netconfig again.

That's it. Now the IP is static to whatever you chose up there.

Now you should be able to reach the web interface on: http://<ip> -- but don't. We need to patch the files then configure some security options and passwords!

5) Install latest patches and scripts

You must not skip this step. It's essential to get things working!
  • In the shell, type: update-scripts
    This will bring up some boring text about the code and what's being installed.
    Press Enter and you see a list of more commands to use.
    Press Enter again and then press Y. This was just an agreement page and you're back to the shell.
  • Now run update-scripts again and press Y, to download the required stuff.
    This will download the files:

    97e8ccfbfd27f611e98ced4e8f791f95 securescripts.tar.gz
    52c9435c93eaa0dcadb9d83889145b2f pbx-scripts.tar.gz
    430207ba3db9eae8c7fde495a1815731 apache-auth.conf.gz
  • After that, it will tell you to type: update-fixes. Do it.
    Press Y to continue with the script. This will apply patches and security enhancements to your setup.

    It asks you later to press Enter, then set a password for the ARI interface. Use the same password used for the root user.
    It may take some time (even when it says thank you), so wait for it.

    If you wish to see the configurations, press Y, otherwise q.

In the future, if you want to update asterisk and related packages, type: update-source.

[i] For Asterisk 1.6: As of this writing, update-source16 doesn't work yet and the script asks to check the forums for a workaround for now.

[i] To see a list of all helpful commands, type: help-pbx.

6) Passwords and System Administration

Before venturing into the web interface, you have to change the default passwords!
Also, the main password script will ask if you would like to install Webmin, an application that allows you to administrate your Linux box through the web interface. I will not go with this option, to reduce the security risks.

Type: passwd-master

7) Prevent Being Blocked

There's a "security" application running on PBXiaF which if you enter the wrong password 3 times, will block your IP and lock you out of the PBX!!

I would suggest you disable it till you get the hang of things. Type: service fail2ban stop

[i] It will be re-enabled the next time you boot.
[i] The command disable-fail2ban may say that you don't have fail2ban installed, but when typing "status" it will show as running. This may happen on an Asterisk 1.6 setup.

If you wish to disable it for good, type: chkconfig fail2ban off

8) Configuring Your PCI Card(s)

Depending on which version you installed, follow the proper section.

8.1) Configure PCI cards (Asterisk 1.4 + Zapata)

In the shell, type:
amportal stop
genzaptelconf -vvvv

This will generate the file /etc/asterisk/zap-channels.conf which is automatically included by /etc/asterisk/zapata.conf

Now type:
amportal start

8.2) Configure PCI cards (Asterisk 1.6 + Dahdi)

root@pbx:/var/log/asterisk $ dahdi_genconf -vvv
Default parameters from /etc/dahdi/genconf_parameters
Generating /etc/dahdi/system.conf
Generating /etc/asterisk/dahdi-channels.conf
root@pbx:/var/log/asterisk $ dahdi_cfg -vsfd5
DAHDI Tools Version - 2.2.0
Line 9: fxsks=1
Line 10: echocanceller=mg2,1
Line 17: loadzone = us
Line 18: defaultzone = us

DAHDI Version:
Echo Canceller(s):
1 channels to configure.

About to open Master device

9) Caller ID and Busy Detect Configuration

We'll need to add these lines to the file: /etc/asterisk/zapata.conf
cidsignalling=v23 ;caller-id option
cidstart=polarity ;caller-id option
busydetect=yes ;busy tone detction
busycount=5 ;disconnect after 5 busy tones

nano /etc/asterisk/zapata.conf

Add the lines above under "hidecallerid" then to save the file: CTRL+X, Y, Enter.
Now type: amportal restart

10) Updating Asterisk and FreePBX Modules

Login to the web interface by directing your browser to http://<ip>
Slide the white bar at the bottom-left to the right and click on the admin link, then on the picture: "FreePBX Administration"
Username: maint
Password: What you chose with passwd-master

On the left panel, click Module Admin. Then on the right page, click Update. You should update your installed modules to get the latest stable versions.
You could after that install new modules.
The modules I installed were:
  • Announcements
  • Asterisk CLI
  • Asterisk Info
  • Backup & Restore
  • Blacklist
  • Callback
  • Call Forward
  • Call Waiting
  • Conferences
  • ConfigEdit 1.0
  • Day Night Mode
  • Do-Not-Disturb (DND)
  • Follow Me
  • FreePBX ARI Framework
  • FreePBX FOP Framework
  • Asterisk Logfiles
  • Misc Applications
  • Misc Destinations
  • Paging and Intercom
  • Print Extensions
  • Queues
  • Ring Groups
  • Sys Info phpsysinfo 2.5.3
  • Time Conditions

11) Tips and Tricks

If you know how to run a web-server on a local machine, you can minimize the time it takes to download the files (especially that their website can be slow at times).

You need to do two things:
  • Download the files mentioned above and put them in the proper location
  • Override DNS records for the domains the scripts use

  1. 1.In your default web-directory (/var/www) create these directories: mkdir -p /var/www/ast14/files
    Look at the links above and put them in the proper directory.
  2. 1.On your Asterisk box, type: nano /etc/hosts
    Add these entries:

Replace the Xs with your web-server's IP.
At least now if you mess-up the installation and can save yourself the time it takes to redownload the files!

12) Resources and References


PBX in a Flash


Munin Reports

Hardware Config

Asterisk Config


SIP Phone Recommendations

Dahdi/Asterisk 1.6

Tuesday, August 18, 2009

Ubuntu Mirror By QualityNet

The awesome guys 3baid, Bojacob and N. at QualityNet have done a great deal and created a mirror for Ubuntu.

I've been using it for the past few days and let me tell you, no more crappy bandwidth!!! Click the mirror link for details on how to add it.

Currently the mirror is an official mirror but not yet a mirror for Kuwait. They're working on that.

Kudos to you guys for the great work.

P.S.: The names are in alphabetical order.

Wednesday, August 12, 2009

Peer-to-Peer Phone Network


I was standing in the bathroom washing my face this morning and I got this amazing idea*; an idea to revolutionize communications and reduce the cost of phone calls!

Imagine an anonymous phone network where you can create a number when you want, and dump the number when you want.
Imagine a phone network where you call and receive phone calls for free.
Imagine a phone network that allows you to block numbers for free.
Imagine a phone network where you have free voicemail and voicemail-to-email service.
Imagine a phone network that links all your numbers (p2p, GSM, landline) providing full reachability.

This is the: Peer-to-Peer Phone Network (PPPN: Pronounced: Pippin).

* A light-bulb didn't flash above my head, because it was morning and Tarsheed would've bludgened me to death with a bunch of old bulbs...

How Does It Work?

Still reading? Great! Let me explain how this works!

The Pippin Network consists of two parts: Nodes and Clients.

Nodes: A bunch of people buy a tiny computer that has customized free software packages on it. This PC is connected to a network that can reach the Internet. This PC is considered a node in the Pippin Network.

Clients: You have a PC, laptop, or a mobile phone with an Internet subscription. You download a free program on your phone that connects to the Pippin Network. Once you login to your extension/number, you reach any extension you want by going over the Internet through the Pippin Network.

That's it!


I spent the past 7-10 days setting up a PBX at home and just today I got this idea. I searched online on the concept and turns out there is a similar idea, but the implementation method is different. That idea was to have the mobile phones act as both the node and the client. This not the case with The Pippin Network.


Pippin Network relies on an existing GSM network by mobile phone carriers and on people donating bandwidth for people to call each other.

The reliance on the GSM network is actually good, because we mitigate the problem of having to figure out how to handle hand-offs, that is, when moving between Access Points. Since you're receiving your Internet through your carrier, your mobile is already handling hand-offs gracefully and guarantees almost zero down-time and full availability of the service.

To route and connect calls between clients (people), we need nodes with Internet connection. Node-providers (not owners) are donating free bandwidth. Since upload bandwidth is typically low (up to 512kbps only), it makes it more valuable and dissuade people from becoming node-providers, but there are workarounds; continue reading.

Is It Really Free?

Not quite. You need to have the following:
  1. Mobile phone/PC/Laptop

  2. Internet subscription from your carrier/ISP (Zain, Wataniya, Viva)

  3. Enough nodes to sustain the clients calling each other (idle ones don't count)

Legal Issues

Question: Voice-over-IP technology is banned from use in Kuwait. How will this work?!
Answer: VoIP is banned from being used for International calls. It's perfectly legal to use it within Kuwait.

Question: But calls are going over the Internet. You're providing International reach and it's illegal.
Answer: Wrong. Pippin network is designed to be restricted to Kuwait only. (See the technical section for details)

Question: What happens in cases of harassment and abuse?
Answer: What happens if I create an email and harass you?

Project Status

As of this writing, the project is still a draft that I'm working on. There are many of things to check and test existing software to see how to tweak it to see if it fits the project's needs.

Do I need help?
I sure can't pull this off on my own in a reasonable amount of time, if any. So I'd rather work with a team where each specializes in an aspect of the project, or at least is willing to learn about the aspect assigned.

This projects taps into the following concepts and fields:

  • Decentralized Networks

  • Telephony (Using Asterisk and SER) and VoIP

  • Dynamic DNS

  • Mobile Java

If you feel that you can aid to the project in any way (not necessarily in the above areas), contact me. If you don't hear from me with in 48-hours, post a comment here.

I also recommend that you post a comment here (even an empty one) and subscribe by email, if you wish to be updated on the status of the project.

Saturday, August 8, 2009

Asterisk PBX: Status on Version 1.6.x

As of this writing, the latest version is 1.6.2 and Dahdi version 2.2.0, and there's a standing bug for all cards using the driver: wctdm24xxp.

The cards using that driver are:
Digium TDM2400P/AEX2400: up to 24 analog ports
Digium TDM800P/AEX800: up to 8 analog ports
Digium TDM410P/AEX410: up to 4 analog ports

Bug symptoms:
You will be unable to make outgoing phone calls, until someone rings the line from outside, or if you remove the phone cable and plug it in again.

If you attempt to make an outgoing call, you'll receive an audio message from Asterisk saying: "All circuits are busy now"

Bug workarounds:
If you have compiled your own Asterisk 1.6, then you could apply the patches by the people in the link above.
Use jkroon's patch for Asterisk version 1.6.0.x, and tzafrir's patch for Asterisk 1.6.1.x or 1.6.2.x. You'll need to apply these patches to the source code, then recompile.

I will not be patching my Asterisk as I have no desire to compile Asterisk, to avoid going to fix other things (like Dahdi) in case it broke. So it's Asterisk 1.4 for me, for now.

* Dahdi is the replacement of Zaptel/Zapata. These are the telephony cards' drivers.

Wednesday, August 5, 2009

trixbox security concerns

WARNING: I want to alert everyone to NOT use trixbox due to security concerns.

I've been told by some guys in asterisk-related IRC channels that trixbox has known security problems and is not fixing them.

A quick search turns many results.

Security concerns include (but not limited to):
- Known security risks in their web-GUI and other packages but remain unpatched
- trixbox sends private information to its company without prior consent of users
- trixbox had history of installing scripts on the systems without prior notice of users

There are alternatives and I will document the installation process of one of them in a later post.

Alternatives are: AsteriskNow and PBX in a Flash.